On 30/08/2021 14:03, Jan Beulich wrote: > @@ -933,7 +934,17 @@ int __init dom0_construct_pv(struct doma > #ifdef CONFIG_SHADOW_PAGING > if ( opt_dom0_shadow ) > { > + bool preempted; > + > printk("Switching dom0 to using shadow paging\n"); > + > + do { > + preempted = false; > + shadow_set_allocation(d, dom0_paging_pages(d, nr_pages), > + &preempted); > + process_pending_softirqs(); > + } while ( preempted );
This isn't correct. The shadow pool is needed even without opt_dom0_shadow, because some downstreams have elected not to retain upstream's security vulnerability in default setting of opt_pv_l1tf_hwdom. Also, dom0_paging_pages() isn't a trivial calculation, so should be called once and cached. ~Andrew